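isLoggedIn()) {
    /* NOTE(review): the opening of this condition is missing from the listing; */
    /* only its tail is visible, so it is kept exactly as found. */
    errorpage("You need to be logged in to delete a comment.");
    exit;
}

/* if we aren't an admin or the maintainer of this app we shouldn't be */
/* allowed to delete any comments */
/* NOTE(review): the maintainer check is keyed on the appId/versionId sent */
/* with the request, while the comment below is looked up by commentId alone. */
/* Nothing visible here ties the comment to that app/version; confirm the */
/* comment's own app/version is compared before it is deleted. */
if(!$_SESSION['current']->hasPriv("admin") &&
   !$_SESSION['current']->isMaintainer($_REQUEST['appId'], $_REQUEST['versionId']))
{
    errorpage('You don\'t have admin privileges');
    exit;
}

/* retrieve the parentID of the comment we are deleting */
/* so we can fix up the parentIds of this comments children */
/* commentId comes straight from the request, so it is forced to an integer */
/* before being placed in the SQL text; a quote character can no longer end */
/* the string literal and change the statement. */
/* NOTE(review): assumes commentId is a numeric key - confirm against the schema. */
$result = query_appdb("SELECT parentId FROM appComments WHERE commentId = '".intval($_REQUEST['commentId'])."'");
if (!$result)
{
    errorpage('Internal error retrieving parent of commentId');
    exit;
}

$ob = mysql_fetch_object($result);
$deletedParentId = $ob->parentId;

/* get the subject and body from the comment */
$result = query_appdb("select * FROM appComments WHERE commentId = '".intval($_REQUEST['commentId'])."'");
if (!$result)
{
    /* appId/versionId are request values: encode them before they become */
    /* part of the redirect target. */
    redirect(apidb_fullurl("appview.php?appId=".urlencode($_REQUEST['appId'])."&versionId=".urlencode($_REQUEST['versionId'])));
    /* stop here like the other error paths do; without this the failed */
    /* $result would be handed to mysql_fetch_object() if redirect() returns. */
    exit;
}

$ob = mysql_fetch_object($result);
/* NOTE(review): $body and $subject are stored comment text. The markup that */
/* shows them on the confirmation page is not part of this listing; confirm */
/* it passes them through htmlspecialchars(). */
$body = $ob->body;
$subject = $ob->subject;

/* Show the confirmation form unless the user preference disables it or the */
/* request already carries int_delete_it. */
/* NOTE(review): the action is driven by $_REQUEST, so a GET request works as */
/* well as a POST, and no anti-CSRF token check is visible in this listing. */
if($_SESSION['current']->getpref("confirm_comment_deletion") != "no" && !isset($_REQUEST['int_delete_it']))
{
    apidb_header("Delete Comment");
    $mesTitle = "Please state why you are deleting the following comment";
    echo "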
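"; ?>userId);
/* NOTE(review): the text between the echo that ends here and this point is */
/* missing from the listing, including where $oUser and $sEmail are first set */
/* and where the comment row is removed. */
$notify_user_email=$oUser->sEmail;
$notify_user_realname=$oUser->sRealname;
$sEmail .= $notify_user_email;

/* Send a notification only when there is at least one recipient address. */
if($sEmail)
{
    $sFullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);

    /* appId/versionId are request values: encode them before they become */
    /* part of the link placed in the message. */
    $sMsg  = APPDB_ROOT."appview.php?appId=".urlencode($_REQUEST['appId'])."&versionId=".urlencode($_REQUEST['versionId'])."\r\n";
    $sMsg .= "\r\n";
    $sMsg .= $_SESSION['current']->realname." deleted comment from ".$sFullAppName."\r\n";
    $sMsg .= "\n";
    $sMsg .= "This comment was made on ".substr($ob->time,0,10)." by $notify_user_realname \r\n";
    $sMsg .= "\r\n";
    $sMsg .= "Subject: ".$subject."\r\n";
    $sMsg .= "\r\n";
    $sMsg .= $body."\r\n";
    $sMsg .= "\r\n";
    $sMsg .= "Because:\r\n";

    /* str_why is optional; !empty() has the same truthiness as the bare */
    /* test but raises no notice when the parameter is absent. */
    /* NOTE(review): stripslashes() presumably undoes magic-quotes escaping - confirm. */
    if(!empty($_REQUEST['str_why']))
        $sMsg .= stripslashes($_REQUEST['str_why'])."\r\n";
    else
        $sMsg .= "No reason given.\r\n";

    mail_appdb($sEmail, $sFullAppName ,$sMsg);
}

addmsg("Comment deleted", "green");
/* Same encoding for the redirect target back to the application page. */
redirect(apidb_fullurl("appview.php?appId=".urlencode($_REQUEST['appId'])."&versionId=".urlencode($_REQUEST['versionId'])));
/* the braces below close blocks opened in the part of the file that is */
/* missing from this listing */
}
}
}
?>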